BOOK A DEMO
Looking to revolutionise your business continuity management/operational resilience planning?
SSP is a prominent worldwide provider of technology systems and services for the insurance sector. Backed by more than 35 years of industry expertise and a dedicated workforce of more than 700 skilled professionals, they play a pivotal role in shaping the industry. Their efforts empower insurers, brokers, and financial advisors to efficiently serve their customers.
In recent times, SSP’s operational model has grown substantially more intricate, leading to a significant shift in risk and impact profiles. The necessity for an extensive revision of their business continuity management system became apparent to align with their risk tolerance and the expectations of their stakeholders. They made the strategic decision to enhance their business continuity management system, catering to the evolving needs of their investors, strategic goals, risk landscape, and customer base.
Drawing on their existing partnership with Daisy and their business continuity and maintenance services, they engaged with their Daisy account manager to explore how our business continuity offerings could assist in establishing a robust and intelligent management system. This system aimed to elevate their continuity proficiency and resilience across a rapidly expanding organisation.
Our goal was to enhance their responsiveness to disruptive incidents, ensuring a clear understanding of their operating model within the threat landscape for themselves and stakeholders. We sought to confirm the adequacy of controls in maintaining their operations, safeguarding customer’s interests, and minimising disruption likelihood and impact. Furthermore, for competitive advantage, they also required demonstrable certification of management to international standards (ISO 22301).
In discussions held at their Solihull offices, Daisy demonstrated a keen understanding of their business resiliency challenges. Despite previous efforts over time to implement a business continuity system, the lack of dedicated resources often led to key staff diverting their attention to more immediate concerns. Inconsistent resource
availability and limited experience in business continuity planning resulted in inconsistent outcomes across the organisation, accompanied by difficulties in keeping the system up-to-date. Daisy’s consultants harnessed their Business Continuity as a Service (BCaaS) model to craft an initial scope of work. This delineated the required activities, enabling the development of a comprehensive work program in collaboration with SSP. The plan was subsequently fine-tuned to strike a balance between requisites and budget, culminating in a defined scope of service with a fixed price.
AT A GLANCE
- Upgrade existing business continuity management system (BCMS) to support the evolving requirements and risk landscape
- Acquire demonstrable certification of
management to international standards (ISO 22301)
- Business continuity
- Implemented staff relocation and work transfer strategies within 72 hours of the point of invocation.
- Boosted command, control and
communications capabilities to showed where mitigation for risk scenarios of concern were needed.
SSP opted for our BCaaS solution, which encompassed creating and deploying an economical business continuity management system finely tailored to their strategic goals and risk tolerance. Under their ownership and guidance, this management system is overseen and enhanced by Daisy’s leading consultancy team. Additionally, this service capitalises on Daisy’s business continuity software “Shadow-Planner” in two primary ways. Firstly, the mobile app provides essential responder guidance accessible on SSP’s mobile devices, readily available during times of need. Secondly, the Shadow Planner management tool serves to collect and analyse risk and continuity data. It further facilitates tracking and monitoring of the business continuity management system (BCMS) and its outcomes against their strategic risks and objectives.
In early 2020, the BCMS demonstrated its effectiveness in response to the COVID-19 pandemic. The organisation successfully executed strategies for staff relocation and work transfer by utilising SSP’s thoroughly rehearsed command, control, and communications framework alongside their BC intelligence. This response was instrumental in sustaining business operations despite challenges such as building access denial and staff absences due to widespread lockdowns across their operational territories. Notably, the entire endeavour was accomplished within an impressive 72 hours from the point of invocation. The earlier continuity risk analysis facilitated by the Daisy administered BCMS had already paved the way for enhancing command, control, and communications capabilities. This analysis also pinpointed the need for an array of mitigations in response to critical risk scenarios. Subsequently, leveraging their BCMS and risk management system, the organisation put these mitigations into effect, ensuring preparedness for COVID19’s impact.
The collaborative structures, strategies, and plans cultivated over recent years by SSP and Daisy, with specific focus on their BCMS, have facilitated swift responses to various disruptions. Rigorous training and rehearsals have equipped their teams to confidently lead incident responses, resulting in quicker and better informed decision-making. Daisy’s Shadow-Planner mobile app has supported responders with instant access to essential guidance and contact information during crises. The organisation is now considering expanding the app’s utility by incorporating technical recovery guidance and contacts.
Central to their proactive approach is the recurring lifecycle of BCMS activities, which maintains a continual focus on threats and vulnerabilities within the management’s purview. This cycle is instrumental in ingraining key management principles into SSP’s organisational fabric. The immediate value of this approach became evident during the first lifecycle, where Daisy worked collaboratively to standardise the continuity risk management approach across the evolving organisation. This standardisation allowed for a more uniform analysis of continuity risks and impacts, and facilitated the sharing and utilisation of responder and continuity expertise throughout the organisation. Leveraging Daisy’s Shadow-Planner administration software, most administrative tasks such as program scheduling, document control, and data analysis have been streamlined, freeing up the BC budget and personnel to concentrate on preparedness.
Consequently, SSP has enhanced control over continuity risks and enriched their dialogues on the subject. These discussions have matured over time, now encompassing broader topics such as emergency preparedness, command and control, crisis management, disaster recovery, and risk management. Daisy’s emphasis on fostering a comprehensive understanding of these broader disciplines has heightened the integration of key principles of organisational resilience into daily practices. SSP firmly believes that Daisy’s management systems approach has not only manifested demonstrable improvements to their system, competence, and capability but has also positioned them to align with international standards (ISO 22301)